github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-21 13:53:55 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix hf sniff

Browse source 
This was broken in commit 17ab86c52 as the forced rounding up of
the size to 4-byte alignment in BigBuf_malloc made the size check
possibly larger than the buffer size as the check was always +3 on
the requested size rather than the rounded size. This was made
worse by BigBuf_max_traceLen not taking into account alignment
either and the alignmentn check in hfsnoop.c checking to 2 byte
alignment instead of 4 byte alignment.

The alignment size check now checks the size after alignment
rounding, and BigBuf_max_traceLen takes into account alignment
losses too reducing the need for BigBuf consumers to have to care
about alignment.
This commit is contained in:
nvx 2024-01-24 00:03:53 +10:00
commit da564aed3c
3 changed files with 10 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

13
armsrc/BigBuf.c
View file

@ -22,6 +22,9 @@
#include "pm3_cmd.h"
#include "util.h" // nbytes
#define BIGBUF_ALIGN_BYTES (4)
#define BIGBUF_ALIGN_MASK (0xFFFF+1-BIGBUF_ALIGN_BYTES)
extern uint32_t _stack_start[], __bss_end__[];
// BigBuf is the large multi-purpose buffer, typically used to hold A/D samples or traces.
@ -132,10 +135,11 @@ void BigBuf_Clear_keep_EM(void) {
// allocate a chunk of memory from BigBuf. We allocate high memory first. The unallocated memory
// at the beginning of BigBuf is always for traces/samples
uint8_t *BigBuf_malloc(uint16_t chunksize) {
if (s_bigbuf_hi < (chunksize + 3))
chunksize = (chunksize + BIGBUF_ALIGN_BYTES - 1) & BIGBUF_ALIGN_MASK; // round up to next multiple of 4
if (s_bigbuf_hi < chunksize)
return NULL; // no memory left
chunksize = (chunksize + 3) & 0xfffc; // round to next multiple of 4
s_bigbuf_hi -= chunksize; // aligned to 4 Byte boundary
return (uint8_t *)BigBuf + s_bigbuf_hi;
}
@ -145,7 +149,7 @@ uint8_t *BigBuf_malloc(uint16_t chunksize) {
uint8_t *BigBuf_calloc(uint16_t chunksize) {
uint8_t *mem = BigBuf_malloc(chunksize);
if (mem != NULL) {
memset(mem, 0x00, ((chunksize + 3) & 0xfffc)); // round to next multiple of 4
memset(mem, 0x00, ((chunksize + BIGBUF_ALIGN_BYTES - 1) & BIGBUF_ALIGN_MASK)); // round up to next multiple of 4
}
return mem;
}
@ -203,7 +207,7 @@ void BigBuf_print_status(void) {
// return the maximum trace length (i.e. the unallocated size of BigBuf)
uint16_t BigBuf_max_traceLen(void) {
return s_bigbuf_hi;
return s_bigbuf_hi & BIGBUF_ALIGN_MASK;
}
void clear_trace(void) {
@ -379,4 +383,3 @@ dmabuf8_t *get_dma8(void) {
return &dma_8;
}